1 |
On Wednesday 20 August 2003 01:25, Patrick Lauer wrote: |
2 |
|
3 |
> > The problem - indeed - is, that even their latest unstable release |
4 |
> > (1.5.6a) doesn't fix the problem and I observe xmule sharply and am |
5 |
> > waiting for a fixed release or at least a patch. |
6 |
> |
7 |
> I recommend masking _all_ versions at the moment and issuing a GLSA. |
8 |
> Maybe I'm overreacting, but I do not wish to have my computer rooted |
9 |
> :) |
10 |
|
11 |
I did that, just didn't mention it in my email...if you re-sync you |
12 |
should get the new ebuilds + package.mask |
13 |
|
14 |
> > I added an einfo about the security hole in all the xmule ebuilds |
15 |
> > and I hope they release 1.4.4 or something soon (which will |
16 |
> > immediatly be arch of course) |
17 |
> |
18 |
> That's good, but I don't think it's adequate since not everybody |
19 |
> reinstalls xmule every day _and_ reads all einfo lines scrolling by. |
20 |
|
21 |
that einfo is at pkg_postinst() so everbody should see it (at least if |
22 |
nothing else is merged immediatly afterwards ;) |
23 |
|
24 |
-- |
25 |
Rainer Groesslinger |
26 |
http://dev.gentoo.org/~scandium/ |